Docker (2) Image in my eyes, dockerimage in my eyes
Docker Installation
For details about how to install docker, see installation or Chinese guide on the official website.
However, I recommend using curl for installation on linux, because the source in apt-get is either not docker or the version is low.
$ sudo apt-get install curl$ sudo curl -sSL https://get.docker.com/ | sh$ sudo docker run hello-world
If the last command is successful, docker can run normally.
However, we recommend that you use the DaoCloud service for installation because of the obvious national conditions in China:
# curl -sSL https://get.daocloud.io/docker | sh
After that, you 'd better configure the DaoCloud acceleration service (accelerator), that is, set mirror:
$ echo "DOCKER_OPTS=\"\$DOCKER_OPTS --registry-mirror=http://f9495414.m.daocloud.io\"" | sudo tee -a /etc/default/docker$ sudo service docker restart
Image command
Image is the cornerstone of docker. For more information about commands, see the official document doc.
Common Commands include:
$ # List all images $ sudo docker images $ # New pull images $ sudo docker pull hello-world $ # tag an image, tag for an image is just like the reference count $ sudo docker tag hello-world myname/hello-world $ # push the image to docker hub $ sudo docker push myname/hello-world $ # In docker hub search image $ sudo docker search ubuntu $ # delete an image $ sudo docker rmi hello-world $ # delete an image named <none> (it may not exist during the build or pull Process an intermediate image is successfully left) $ sudo docker images | grep "<none>" | tr-s ''| cut-f3-d" "| sudo parallel docker rmi {}
Image Composition
Image is a basic unit that can be run. When we run docker images, what exactly are the images displayed?
An Image is a hierarchical file system called Union FS. Combined with a file system, several layers of directories can be mounted together to become the same virtual file system. The directory structure of the file system is the same as that of a common linux. docker provides a linux virtual environment through these files and the kernel of the host. Each layer of the file system is called a layer. The file system can set three permissions for each layer of the file system: Read-only, read-write, and write (whiteout-able ), however, each layer of the docker image file system is read-only.
When building an image, starting from the most basic operating system, each build operation is equivalent to making a layer of modifications, adding a layer of file systems, and stacking them up, modifications to the upper layer overwrite the visibility of the bottom layer, which is easy to understand, just as the upper layer hides the bottom layer. When you use it, you will only see a complete whole. You do not know how many layers are in it, or what changes are made for each layer. The structure is similar to this:
Basically, a typical Linux file system consists of bootfs and rootfs. bootfs (boot file system) mainly includes bootloader and kernel, and bootloader is mainly used to boot and load kernel, when the kernel is loaded into the memory, the bootfs will be umount. Rootfs (root file system) contains standard directories and files such as/dev,/proc,/bin, and/etc in typical Linux systems. See, which is the most basic two-layer structure in docker image:
Different linux distributions (such as ubuntu and CentOS) differ in the rootfs layer, reflecting the differences in the releases:
When loading bootfs in traditional Linux, The rootfs is set to read-only, and then the rootfs is changed from read-only to read-write after system self-check, then we can perform read and write operations on rootfs. However, after bootfs self-check, Docker does not change the read-only of rootfs to read-write, but uses union mount (a mount mechanism of UnionFS) load other layers in the image to the previous read-only rootfs layer. Each layer is a rootfs structure and is read-only. Therefore, we cannot modify the layers in an existing image! Only when we create a container, that is, instantiating the Docker image, will the system allocate an empty read-write rootfs to save our modifications. The changes saved by layer layers are incremental, just like git.
Image structure
If we have an ubuntu: 14.04 image, we can save it as a tar file and observe:
➜ ~ sudo docker save -o ubuntu_image.tar ubuntu:14.04➜ ~ tar -tf ubuntu_image.tar 428b411c28f0c33e561a95400a729552db578aee0553f87053b96fc0008cca6a/428b411c28f0c33e561a95400a729552db578aee0553f87053b96fc0008cca6a/VERSION428b411c28f0c33e561a95400a729552db578aee0553f87053b96fc0008cca6a/json428b411c28f0c33e561a95400a729552db578aee0553f87053b96fc0008cca6a/layer.tar435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade/435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade/VERSION435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade/json435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade/layer.tar6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6/6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6/VERSION6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6/json6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6/layer.tar9fd3c8c9af32dddb1793ccb5f6535e12d735eacae16f8f8c4214f42f33fe3d29/9fd3c8c9af32dddb1793ccb5f6535e12d735eacae16f8f8c4214f42f33fe3d29/VERSION9fd3c8c9af32dddb1793ccb5f6535e12d735eacae16f8f8c4214f42f33fe3d29/json9fd3c8c9af32dddb1793ccb5f6535e12d735eacae16f8f8c4214f42f33fe3d29/layer.tarrepositories
We can see that the image in ubuntu is actually a compressed file with Four folders, namely four layers, one folder for each layer, and a repositories file. More intuitively, You can decompress the package to the folder and run the tree Command to view it:
➜ ubuntu:14.04 tree .├── 428b411c28f0c33e561a95400a729552db578aee0553f87053b96fc0008cca6a│ ├── json│ ├── layer.tar│ └── VERSION├── 435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade│ ├── json│ ├── layer.tar│ └── VERSION├── 6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6│ ├── json│ ├── layer.tar│ └── VERSION├── 9fd3c8c9af32dddb1793ccb5f6535e12d735eacae16f8f8c4214f42f33fe3d29│ ├── json│ ├── layer.tar│ └── VERSION└── repositories4 directories, 13 files
It can be said that the structure of each folder is the same, which means that the layers of each layer are organized in the same way, represented by json1_layer.tar and VERSION. Let's first look at the repositories file, which is a JSON definition and stores three pieces of information: The image name, tag, and tag corresponding layer (this layer is ubuntu: summary of the top layer of 14.04 ).
➜ ~ cat repositories {"ubuntu":{"14.04":"6d4946999d4fb403f40e151ecbd13cb866da125431eb1df0cdfd4dc72674e3c6"}}
Go to a folder and view the json file. It is a json definition that saves a lot of information, mainly about the image configuration information. The brief structure is as follows:
Layer.tar is also a packaging file. We can see below that it contains a structure similar to the Linux File directory, saving the modifications made by this layer:
➜ 435050075b3f881611b0f4c141bb723f38603caacd31a13a185c1a38acfb4ade tar -tf layer.tar etc/etc/apt/etc/apt/apt.conf.d/etc/apt/apt.conf.d/docker-cleanetc/apt/apt.conf.d/docker-gzip-indexesetc/apt/apt.conf.d/docker-no-languagesetc/dpkg/etc/dpkg/dpkg.cfg.d/etc/dpkg/dpkg.cfg.d/docker-apt-speedupsbin/sbin/initctlsbin/initctl.distribusr/usr/sbin/usr/sbin/policy-rc.dvar/var/lib/var/lib/dpkg/var/lib/dpkg/diversionsvar/lib/dpkg/diversions-old
Finally, it should be noted that the layer is shared among images. For different images, the layer with the same abstract will only save one copy and inherit in the form of a tree. You can usedocker images -tree
View:
Region ~ Sudo docker images-tree Warning: '-tree' is deprecated, it will be removed soon. see usage ...... # ├ ── 428b411c28f0 Virtual Size: 188.1 MB │ 43── 435050075b3f Virtual Size: 188.3 MB │ ─ ── 9fd3c8c9af32 Virtual Size: 188.3 MB │ ─ ── 6d4946999d4f Virtual Size: 188.3 MB Tags: ubuntu: latest, ubuntu: 14.04 │ └ ── cf73ddbcb12b Virtual Size: 375.1 MB │ ─ ── 7cb6f45e653d Virtual Size: 377.6 MB │ ─ ── c624e1a476d0 Virtual Size: 377.6 MB/second-4b087f2af755 Virtual Size: 389.1 MB/second-6940f969b4ed Virtual Size: 413.9 MB/second-1bc2ae3e600b Virtual Size: 414 MB/second-c35a7b3ee359 Virtual Size: 414 MB │ capacity-b4696f4e4d61 Virtual Size: 414 MB │ capacity-7413e661f075 Virtual Size: 414 MB │ capacity-9a2409206c78 Virtual Size: 414 MB Tags: registry: latest ..... # omitted